simple[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

simple.exe
Size

94.6MB
MD5

504f30b22b08514f13ad74b38d8b2bbb
SHA1

5985fbee086c8846bd5d243d6c940a2148deaed9
SHA256

1bb942dea764b20b41f4dd5b7ca8a7130e9c3a201fbed1a64ae0be18b9ae64f3
SHA512

5bb9464d65c6eeec399df16ba0224f10976dc66da1c36712639cfbcce1ad9be0e5349628f127a512157a1b2d3b87472e496ba272b02ae425a9bc4a2300d1ec1c
SSDEEP

786432:oUnxBBGOs595aauQR1whpRjBQmcYLkP/SQSyCDGk/hlhNjW5338:oUnxrGz9Zyj6m8iHDVw533

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
simple.exe

Files

simple.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 989KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4Lof0
Size: - Virtual size: 57.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.a9H
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Gz
Size: 34.3MB - Virtual size: 34.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rbdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE